Information Security Policy Statement

The Dubai International Financial Centre (DIFC) is committed to preserving the confidentiality, integrity and availability of client and personal information. Securing this information is fundamental for the success of its business operations and to maintain its reputation as a global financial centre. The DIFC maintains the confidentiality, integrity and availability of this information to meet mandatory legal and regulatory obligations, as well as its contractual, ethical, and moral obligations to its clients, staff, and other interested parties.

The DIFC has implemented an Information Security Management System (ISMS) in accordance with the requirements of the international standard ISO/IEC 27001 to ensure that information security is managed systematically and effectively. The performance of the ISMS and its compliance with ISO/IEC 27001 is reviewed regularly by management, and independently audited by both internal and external assessors at least once each year.

Through the information security risk management process, risks related to ISMS are systematically identified, analysed, evaluated, and treated to an acceptable level.

All third parties who become aware of an information security breach are required to report the incident by providing details of the breach.

Report a Security Breach